fix: requirements/base.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713 - https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672 - https://snyk.io/vuln/SNYK-PYTHON-HOLIDAYS-6591328 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
preset-io · May 3, 2024 · eac2782 · eac2782
1 parent 517f254
commit eac2782
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/requirements/base.txt b/requirements/base.txt
@@ -89,7 +89,7 @@ deprecated==1.2.13
     # via limits
 deprecation==2.1.0
     # via apache-superset
-dnspython==2.1.0
+dnspython==2.6.1
     # via email-validator
 email-validator==1.1.3
     # via flask-appbuilder
@@ -149,15 +149,15 @@ google-auth==2.27.0
     # via shillelagh
 greenlet==3.0.3
     # via shillelagh
-gunicorn==21.2.0
+gunicorn==22.0.0
     # via apache-superset
 hashids==1.3.1
     # via apache-superset
-holidays==0.25
+holidays==0.45
     # via apache-superset
 humanize==4.9.0
     # via apache-superset
-idna==3.2
+idna==3.7
     # via
     #   email-validator
     #   requests
@@ -349,7 +349,7 @@ sqlalchemy-utils==0.38.3
     #   flask-appbuilder
 sqlglot==23.6.3
     # via apache-superset
-sqlparse==0.4.4
+sqlparse==0.5.0
     # via apache-superset
 sshtunnel==0.4.0
     # via apache-superset
@@ -406,3 +406,4 @@ zipp==3.15.0
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability